/// <summary>
/// Check a SHA256withRSA signature over the signed portion of a SignedBlob
/// against a DER-encoded public key.
/// </summary>
///
/// <remarks>
/// Only a false return means "the signature was checked and did not match".
/// Every other failure (algorithm lookup, key decoding, key rejected by
/// initVerify, error during update/verify) is reported as a SecurityException
/// and never as a true result, so a caller that catches the exception must
/// still treat the data as unverified.
/// </remarks>
///
/// <param name="signature">The signature bits.</param>
/// <param name="signedBlob">The SignedBlob whose signed portion is verified.</param>
/// <param name="publicKeyDer">The DER-encoded public key used to verify the signature.</param>
/// <returns>true if the signature verifies, false if not.</returns>
/// <exception cref="SecurityException">If the verifier cannot be set up or the
/// verification itself raises an error.</exception>
protected internal static bool verifySha256WithRsaSignature(Blob signature,
        SignedBlob signedBlob, Blob publicKeyDer) {
    // Look up the RSA key factory; a failure here is not expected.
    KeyFactory rsaKeyFactory;
    try {
        rsaKeyFactory = System.KeyFactory.getInstance("RSA");
    } catch (Exception factoryError) {
        throw new SecurityException("RSA is not supported: "
                + factoryError.Message);
    }

    // Decode the caller-supplied DER bytes into a public key object.
    System.SecurityPublicKey verificationKey;
    try {
        X509EncodedKeySpec encodedKey = new X509EncodedKeySpec(
                publicKeyDer.getImmutableArray());
        verificationKey = rsaKeyFactory.generatePublic(encodedKey);
    } catch (InvalidKeySpecException keySpecError) {
        throw new SecurityException("X509EncodedKeySpec is not supported: "
                + keySpecError.Message);
    }

    // Obtain the verifier; the underlying error detail is intentionally not
    // appended to this message (unchanged from the existing behaviour).
    System.SecuritySignature verifier;
    try {
        verifier = System.SecuritySignature.getInstance("SHA256withRSA");
    } catch (Exception) {
        throw new SecurityException(
                "SHA256withRSA algorithm is not supported");
    }

    // Bind the verifier to the decoded key.
    try {
        verifier.initVerify(verificationKey);
    } catch (InvalidKeyException keyError) {
        throw new SecurityException("InvalidKeyException: "
                + keyError.Message);
    }

    // Feed only the signed portion of the blob, then compare against the
    // supplied signature bits.
    try {
        verifier.update(signedBlob.signedBuf());
        bool signatureMatches = verifier.verify(signature.getImmutableArray());
        return signatureMatches;
    } catch (SignatureException verifyError) {
        throw new SecurityException("SignatureException: "
                + verifyError.Message);
    }
}
/// <summary>
/// Check a DigestSha256 "signature" by recomputing the digest of the signed
/// portion of the SignedBlob and comparing it with the supplied signature bits.
/// </summary>
///
/// <remarks>
/// No key takes part in this check: the expected value is derived only from
/// signedBlob. A true result therefore shows that the signed portion is
/// consistent with the supplied digest (integrity), and says nothing about who
/// produced the data. Callers that need origin authentication should not rely
/// on this method for it.
/// </remarks>
///
/// <param name="signature">The signature bits, i.e. the claimed digest.</param>
/// <param name="signedBlob">The SignedBlob whose signed portion is digested.</param>
/// <returns>true if the recomputed digest equals the signature bits, false if not.</returns>
protected internal static bool verifyDigestSha256Signature(Blob signature,
        SignedBlob signedBlob) {
    // Recompute the digest over exactly the signed portion of the blob.
    byte[] recomputedDigest =
            net.named_data.jndn.util.Common.digestSha256(signedBlob.signedBuf());

    // Element-wise comparison of the recomputed digest with the claimed one.
    return ILOG.J2CsMapping.Collections.Arrays.Equals(
            recomputedDigest, signature.getImmutableArray());
}